Transfer Data via Multiple Protocols with Libcurl - Page 2

PHP Data Transfer via FTPS with Libcurl

FTPS (FTP Secure or FTP-SSL) is an extension to the commonly used File Transfer Protocol (FTP) that adds support for the Transport Layer Security (TLS) and the Secure Sockets Layer (SSL) cryptographic protocols. FTPS includes full support for the TLS and SSL cryptographic protocols, including the use of server-side public key authentication certificates and client-side authorization certificates. It also supports compatible ciphers, including AES, RC4, RC2, Triple DES and DES, and hash functions SHA, MD5, MD4 and MD2.

In this section we will improve the above ftp.php script, by adding some security to it, by setting some of the predefined constants : CURLOPT_SSL_VERIFYHOST, CURLOPT_FTP_SSL, CURLOPT_USERPWD, CURLOPT_SSLVERSION:

PHP Data Transfer via FILE with Libcurl

URL (Uniform Resource Locator) File Protocol is the browser-standard scheme used for accessing files on a local computer. The URL should start with "file://" followed either by the host name of the local computer, "localhost" or void. In the next application you will see a simple example of using the FILE protocol:

PHP Data Transfer via HTTP with Libcurl

The Hypertext Transfer Protocol (HTTP) represents the foundation of data communication for the World Wide Web and a networking protocol for distributed, collaborative, hypermedia information systems. An HTTP session represents a sequence of network request-response transactions, most used to access information on the Internet. The HTTP protocol is a text one and is the implicit protocol for the World Wide Web (WWW). An HTTP client initiates a request, it establishes a Transmission Control Protocol (TCP) connection to a particular port on a host (typically port 80; see List of TCP and UDP port numbers). An HTTP server listening on that port waits for a client's request message. Upon receiving the request, the server sends back a status line, such as "HTTP/1.1 200 OK", and a message of its own, the body of which is perhaps the requested resource, an error message, or some other information.

Next, is a simple application uses basic cURL option set to handle an HTTP session:

<?php
//Initializes a new session and return a cURL handle for use with the curl_setopt(), curl_exec() and curl_close() functions
$curl = curl_init();
//Sets an option on the given cURL session handle like url, timeout, return transfer
curl_setopt($curl, CURLOPT_URL, 'http://www.google.ro');
curl_setopt($curl, CURLOPT_TIMEOUT, 30);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
// Execute the given cURL session (get the content of the url and put it into the output variable)
$output = curl_exec($curl);
// Outputs the result
echo $output;
// Print the curl info like http response code, content type etc.
// print_r (curl_getinfo($curl));
// close the curl handle to free system resources
curl_close($curl);
?>

The below PHP script try to initialize an HTTPS session using two methods. One that doesn't verify the peer's certificate, and obviously not a safe one, by setting the false value (curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);) and one that checks the peer certificate, verify the host and then checks the certificate used to verify the peer. This certificate can be obtain from the restricted page like this: in the Tools menu of the browser (Mozilla Firefox in this case), choose the option Page Info -> Security Tab -> Details Tab -> View Certificate and select the certificate at the top of the hierarchy and then Export it into your corresponding folder to your application. I choose to put it together with my https.php script, also listed next:

<?php
// Initialize session and set URL.
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://encrypted.google.com/');
curl_setopt($ch, CURLOPT_TIMEOUT, 80);
// Set so curl_exec returns the result instead of outputting it.
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
// Stops cURL from verifying the peer's certificate
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
//Sets the cURL to verify the peer's certificate
//curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
// 1 to check the existence of a common name in the SSL peer certificate.
//2 to check the existence of a common name and also verify that it matches the hostname provided.
//2 is the default value
//curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
//The name of a file holding one or more certificates to verify the peer with. This only makes sense when used in combination with CURLOPT_SSL_VERIFYPEER.
//curl_setopt($ch, CURLOPT_CAINFO, getcwd() . "GTECyberTrustGlobalRoot.crt");
// Get the response and close the channel.
$response = curl_exec($ch);
echo $response;
print_r (curl_getinfo($ch));
curl_close($ch);
?>

Conclusion

Over the article you have seen how to transfer data using various protocols, like FTP, FTPS, HTTP, HTTPS, FILE, and cURL.

About the Author

Octavia Andreea Anghel is a senior PHP developer currently working as a primary trainer for programming teams that participate at national and international software-development contests. She consults on developing educational projects at a national level. She is a coauthor of the book "XML Technologies: XML in Java" (Albastra, ISBN 978-973-650-210-1), for which she wrote the XML portions. In addition to PHP and XML, she's interested in software architecture, web services, UML, and high-performance unit tests. to e-mail her.